<?php
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
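/**
 * Tells whether the current PHP session belongs to a signed-in user.
 *
 * The uid, password and profile values kept in $_SESSION are re-checked against
 * the User table on every call, together with the current session id, so a
 * session stops validating once any of those columns no longer matches.
 *
 * NOTE(review): $_SESSION['password'] is compared directly with User.password,
 * so the session store holds whatever that column stores; keep the session
 * save path readable only by the web server user.
 *
 * @return bool true when a matching User row exists, false otherwise.
 */
function carbox_check_session( ) {
	// session_start() on an already active session only raises a notice and is
	// ignored, so open one only when none is active yet.
	if(session_status( ) !== PHP_SESSION_ACTIVE)
		session_start( );
	if(!isset($_SESSION['uid'], $_SESSION['password'], $_SESSION['profile']))
		return false;
	$sql = "SELECT * FROM User WHERE id = :uid AND password = :password AND profile_id = :pid AND session_id = :sid";
	$params = array(
		':uid' => $_SESSION['uid'],
		':password' => $_SESSION['password'],
		':pid' => $_SESSION['profile'],
		// Ties the check to the session id saved in User.session_id.
		':sid' => session_id( )
	);
	$query = carbox_query($sql, $params);
	return !$query['fail'] && !empty($query['result']);
}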
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
/**
 * Builds one Imagick image sequence out of a list of rows holding image blobs.
 *
 * NOTE(review): every blob is parsed by ImageMagick; if the rows can contain
 * user-supplied data, confirm that size/format limits are enforced before
 * this point.
 *
 * @param array $blobs Rows indexed 0..n-1, each with an 'image' entry holding the raw bytes.
 * @return Imagick Sequence with one frame per row, in input order.
 */
function carbox_convert_blob_to_image($blobs) {
	$sequence = new Imagick( );
	// One scratch object is reused for decoding and emptied after each frame.
	$frame = new Imagick( );
	$total = count($blobs);
	$idx = 0;
	while($idx < $total) {
		$frame->readImageBlob($blobs[$idx]['image']);
		$sequence->addImage($frame);
		$frame->clear( );
		++$idx;
	}
	$frame->destroy( );
	return $sequence;
}
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
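/**
 * Lists the entries of a directory as "$path/<entry>" strings.
 *
 * The '.' and '..' entries returned by readdir() are included, and the order is
 * whatever the filesystem yields. $path is used as given; no normalisation or
 * containment check is done here, so callers must not pass request data
 * unchecked.
 *
 * @param string $path Directory to read.
 * @return array|null List of paths, or NULL when $path is not a directory or cannot be opened.
 */
function carbox_get_pathfiles($path) {
	$pfs = NULL;
	// Without this guard a failed opendir() hands false to readdir(), which is
	// a TypeError on PHP 8.
	if(!is_dir($path))
		return $pfs;
	$dir = opendir($path);
	if($dir === false)
		return $pfs;
	while(($filename = readdir($dir)) !== false)
		$pfs[ ] = $path.'/'.$filename;
	closedir($dir);
	return $pfs;
}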
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
/**
 * Looks up a process id by (part of) its number in processo_antigo and Processo.
 *
 * $pn is bound as a parameter, but it is wrapped in '%' and its own '%' / '_'
 * characters are not escaped: the match is a substring/wildcard match, an empty
 * $pn matches every row, and only the first row of the UNION is returned.
 *
 * NOTE(review): :pn is used twice in one statement; PDO supports reusing a
 * named placeholder only with emulated prepares, so confirm the driver setup.
 *
 * @param string $pn Process number or fragment of it.
 * @return mixed processo_id of the first matching row, or false on failure / no match.
 */
function carbox_get_pid_by_pn($pn) {
	$sql = "
		SELECT processo_id_fake AS processo_id FROM processo_antigo WHERE numero LIKE :pn
		UNION
		SELECT processo_id FROM Processo WHERE numero LIKE :pn
	";
	$lookup = cerberus_query($sql, array(':pn' => '%'.$pn.'%'));
	if(!$lookup['fail'] && !empty($lookup['result'])) {
		$first = reset($lookup['result']);
		return $first['processo_id'];
	}
	return false;
}
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
/**
 * Looks up a process number by its id in processo_antigo and Processo.
 *
 * NOTE(review): :pid is used twice in one statement; PDO supports reusing a
 * named placeholder only with emulated prepares, so confirm the driver setup.
 *
 * @param mixed $pid Value matched against processo_id_fake / processo_id.
 * @return mixed numero of the first matching row, or false on failure / no match.
 */
function carbox_get_pn_by_pid($pid) {
	$sql = "
		SELECT numero FROM processo_antigo WHERE processo_id_fake = :pid
		UNION
		SELECT numero FROM Processo WHERE processo_id = :pid
	";
	$lookup = cerberus_query($sql, array(':pid' => $pid));
	if(!$lookup['fail'] && !empty($lookup['result'])) {
		$first = reset($lookup['result']);
		return $first['numero'];
	}
	return false;
}
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
/**
 * Maps a Carbox user id to its Cerberus user id through the CerberusUser table.
 *
 * @param mixed $carbox_uid Value matched against CerberusUser.carbox_user_id.
 * @return mixed cerberus_user_id of the first matching row, or false on failure / no match.
 */
function carbox_get_cerberus_uid($carbox_uid) {
	$lookup = carbox_query(
		"SELECT cerberus_user_id FROM CerberusUser WHERE carbox_user_id = :uid",
		array(':uid' => $carbox_uid)
	);
	if(!$lookup['fail'] && !empty($lookup['result']))
		return $lookup['result'][0]['cerberus_user_id'];
	return false;
}
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
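/**
 * Opens a PDO connection described by a "key=value" settings file.
 *
 * Keys read from the file: type, addr, name, usr, usrpwd. Lines without '='
 * are ignored.
 *
 * NOTE(review): the file holds database credentials in clear text; keep it
 * outside the document root and readable only by the web server user.
 *
 * @param string $pathfile Path of the settings file.
 * @return PDO Connection built from the parsed settings.
 */
function carbox_get_database_settings($pathfile) {
	$settings = NULL;
	$lines = explode("\n", file_get_contents($pathfile));
	foreach($lines as $line) {
		// Split on the first '=' only, so a value that itself contains '='
		// (a password, for instance) is not cut short; the trailing "\r" of a
		// CRLF file is dropped so it does not end up inside the value.
		$pair = explode("=", rtrim($line, "\r"), 2);
		if(isset($pair[0]) and isset($pair[1]))
			$settings[$pair[0]] = $pair[1];
	}
	return new PDO($settings['type'].':host='.$settings['addr'].';dbname='.$settings['name'], $settings['usr'], $settings['usrpwd']);
}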
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
/**
 * Runs one prepared statement against the Carbox database.
 *
 * When no connection is passed in, a new one is opened from
 * /home/www-data/database_carbox.conf for this call. Values in $params are
 * bound by PDO, so callers must pass data through $params rather than
 * concatenating it into $sql.
 *
 * @param string $sql Statement text with placeholders.
 * @param array|null $params Placeholder values handed to execute().
 * @param PDO|null $pdo Optional existing connection.
 * @return array 'fail' => true when execute() reported failure, 'result' => rows from fetchAll() as associative arrays.
 */
function carbox_query($sql, $params = NULL, $pdo = NULL) {
	$pdo = $pdo ?: carbox_get_database_settings("/home/www-data/database_carbox.conf");
	$pdo->query("SET NAMES 'utf8'");
	$statement = $pdo->prepare($sql);
	$failed = !$statement->execute($params);
	// Drop the local reference to the connection before the rows are fetched.
	$pdo = NULL;
	return array(
		'fail' => $failed,
		'result' => $statement->fetchAll(PDO::FETCH_ASSOC),
	);
}
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
#function carbox_sign_in($login, $password) {
#	$sql = "SELECT * FROM User WHERE login = :login AND password = SHA2(SHA2(:password, 512), 512)";
#	$params = array(
#		':login' => $login,
#		':password' => $password
#	);
#	$query = carbox_query($sql, $params);
#	if(!$query['fail'] && !empty($query['result'])) {
#		session_start( );
#		session_regenerate_id( );
#		$sql = "UPDATE User SET session_id = :sid WHERE id = :uid";
#		$params = array(
#			':sid' => session_id( ),
#			':uid' => $query['result'][0]['id']
#		);
#		if(!reset(carbox_query($sql, $params))) {
#			$_SESSION['uid'] = $query['result'][0]['id'];
#			$_SESSION['password'] = $query['result'][0]['password'];
#			$_SESSION['profile'] = $query['result'][0]['profile_id'];
#			return true;
#		}
#	}
#	return false;
#}
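/**
 * Signs a user in, either with login/password or with a Cerberus user id plus
 * the secret number ("magic") that dbo.numero_secreto() returns for that id.
 *
 * On success the session id is regenerated, saved in User.session_id, and the
 * uid, password and profile values of the User row are copied into $_SESSION.
 *
 * NOTE(review): SHA2(SHA2(:password, 512), 512) is a fast, unsalted digest
 * computed in SQL; moving to password_hash()/password_verify() needs a data
 * migration, so it is left unchanged here.
 * NOTE(review): $_SESSION['password'] receives the stored value of
 * User.password; confirm that the session store is protected accordingly.
 *
 * @param string|null $login Login name; empty together with $password selects the secret-number path.
 * @param string|null $password Clear-text password.
 * @param mixed $cerberus_user_id Cerberus user id for the secret-number path.
 * @param mixed $magic Secret number presented by the caller.
 * @return bool true when the user was authenticated and the session was set up.
 */
function carbox_sign_in($login, $password, $cerberus_user_id = NULL, $magic = NULL) {
	// The id '0728' is never allowed on the secret-number path; the loose
	// comparison also covers the integer form of that id.
	if(empty($login) && empty($password) && ($cerberus_user_id != '0728')) {
		// An absent secret must never authenticate: with a loose comparison a
		// NULL/empty $magic would equal a NULL returned by the database.
		if(!is_scalar($magic) || (string) $magic === '')
			return false;
		$query = cerberus_query("select dbo.numero_secreto(:cerberus_user_id) as n", array(":cerberus_user_id" => $cerberus_user_id));
		if($query["fail"] || empty($query["result"]))
			return false;
		$secret = $query["result"][0]["n"];
		// Exact, constant-time comparison instead of type-juggling '=='.
		if($secret === NULL || (string) $secret === '' || !hash_equals((string) $secret, (string) $magic))
			return false;
		$sql = "SELECT u.* FROM User u INNER JOIN CerberusUser AS cu ON cu.carbox_user_id = u.id WHERE cu.cerberus_user_id = :cuid";
		$params = array(":cuid" => $cerberus_user_id);
	}
	else {
		$sql = "SELECT * FROM User WHERE login = :login AND password = SHA2(SHA2(:password, 512), 512)";
		$params = array(':login' => $login, ':password' => $password);
	}
	// No debug output here: printing the row would expose the stored password
	// value and would send output before the session headers.
	$query = carbox_query($sql, $params);
	if($query['fail'] || empty($query['result']))
		return false;
	$user = $query['result'][0];
	if(session_status( ) !== PHP_SESSION_ACTIVE)
		session_start( );
	// New id at the privilege change; the old session data is deleted so the
	// pre-login id cannot be reused.
	session_regenerate_id(true);
	$update = carbox_query(
		"UPDATE User SET session_id = :sid WHERE id = :uid",
		array(
			':sid' => session_id( ),
			':uid' => $user['id']
		)
	);
	if($update['fail'])
		return false;
	$_SESSION['uid'] = $user['id'];
	$_SESSION['password'] = $user['password'];
	$_SESSION['profile'] = $user['profile_id'];
	return true;
}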
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
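/**
 * Ends the current PHP session: clears its variables and destroys its data.
 *
 * Does nothing when no session is active, so the caller must have started the
 * session first (for example via carbox_check_session()).
 *
 * NOTE(review): User.session_id is not cleared and the session cookie is not
 * expired here; confirm whether sign-out should also do that.
 *
 * @return void
 */
function carbox_sign_out( ) {
	// session_destroy() on an uninitialised session only raises a warning.
	if(session_status( ) !== PHP_SESSION_ACTIVE)
		return;
	session_unset( );
	session_destroy( );
}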
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
/**
 * Runs one prepared statement against the Cerberus database.
 *
 * A new connection is opened from /home/www-data/database_cerberus.conf on
 * every call; this function has no connection parameter. Values in $params
 * are bound by PDO, so callers must pass data through $params rather than
 * concatenating it into $sql.
 *
 * @param string $sql Statement text with placeholders.
 * @param array|null $params Placeholder values handed to execute().
 * @return array 'fail' => true when execute() reported failure, 'result' => rows from fetchAll() as associative arrays.
 */
function cerberus_query($sql, $params = NULL) {
	$connection = carbox_get_database_settings("/home/www-data/database_cerberus.conf");
	$statement = $connection->prepare($sql);
	$failed = !$statement->execute($params);
	// Drop the local reference to the connection before the rows are fetched.
	$connection = NULL;
	return array(
		'fail' => $failed,
		'result' => $statement->fetchAll(PDO::FETCH_ASSOC),
	);
}
/*::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::*/
?>
